An easy to use, scalable and secure web application framework for writing web APIs in C.

      1 /*
      2  * Copyright (c) 2013-2022 Joris Vink <joris@coders.se>
      3  *
      4  * Permission to use, copy, modify, and distribute this software for any
      5  * purpose with or without fee is hereby granted, provided that the above
      6  * copyright notice and this permission notice appear in all copies.
      7  *
      8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
      9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
     10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
     11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
     12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
     13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
     14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
     15  */
     16 
/*
 * Include guard. NOTE(review): identifiers beginning with a double
 * underscore are reserved for the implementation in C; a name such as
 * H_KORE_H would avoid the (theoretical) clash.
 */
#ifndef __H_KORE_H
#define __H_KORE_H

/*
 * macOS: rename daemon() for the duration of the system includes below.
 * It is #undef'd and declared explicitly once the includes are done,
 * presumably to sidestep the deprecation attribute on the system
 * prototype -- confirm against the build on that platform.
 */
#if defined(__APPLE__)
#define daemon portability_is_king
#endif
     23 
     24 #include <sys/param.h>
     25 #include <sys/types.h>
     26 #include <sys/time.h>
     27 #include <sys/queue.h>
     28 #include <sys/un.h>
     29 
     30 #include <netinet/in.h>
     31 #include <arpa/inet.h>
     32 
     33 #include <errno.h>
     34 #include <regex.h>
     35 #include <stdarg.h>
     36 #include <stdlib.h>
     37 #include <stdio.h>
     38 #include <signal.h>
     39 #include <string.h>
     40 #include <syslog.h>
     41 #include <unistd.h>
     42 #include <stdarg.h>
     43 
/* Allow this header to be consumed from C++ translation units. */
#if defined(__cplusplus)
extern "C" {
#endif

/*
 * macOS: undo the daemon rename performed above the system includes and
 * provide the prototype ourselves; struct stat spells st_mtim as
 * st_mtimespec on that platform.
 */
#if defined(__APPLE__)
#undef daemon
extern int daemon(int, int);
#define st_mtim		st_mtimespec
#endif
     53 
/*
 * Platform sendfile support is compiled in on macOS, FreeBSD and Linux
 * unless the build defines KORE_NO_SENDFILE; it gates the
 * kore_platform_sendfile() prototype further down.
 */
#if !defined(KORE_NO_SENDFILE)
#if defined(__MACH__) || defined(__FreeBSD_version) || defined(__linux__)
#define KORE_USE_PLATFORM_SENDFILE	1
#endif
#endif

/*
 * OpenBSD builds get pledge(2)-based syscall restriction; gates the
 * kore_platform_pledge()/kore_platform_add_pledge() prototypes.
 */
#if defined(__OpenBSD__)
#define KORE_USE_PLATFORM_PLEDGE	1
#endif
     63 
/*
 * Opaque TLS handle types used by the rest of the API. With the OpenSSL
 * backend they alias the library's own types; otherwise they are void so
 * that pointers to them stay usable in prototypes and structs without the
 * OpenSSL headers being available.
 */
#if defined(TLS_BACKEND_OPENSSL)
#include <openssl/x509.h>
#include <openssl/ssl.h>
typedef X509		KORE_X509;
typedef SSL		KORE_TLS;
typedef SSL_CTX		KORE_TLS_CTX;
typedef X509_NAME	KORE_X509_NAMES;
typedef EVP_PKEY	KORE_PRIVATE_KEY;
#else
typedef void		KORE_X509;
typedef void		KORE_TLS;
typedef void		KORE_TLS_CTX;
typedef void		KORE_X509_NAMES;
typedef void		KORE_PRIVATE_KEY;
#endif
     79 
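/* Modulus size used when a fresh RSA key is generated (kore_tls_rsakey_generate). */
#define KORE_RSAKEY_BITS	4096

/*
 * Kore quit reasons (see the kore_quit extern). The negative value is
 * parenthesised so it cannot bind unexpectedly inside a larger expression.
 */
#define KORE_QUIT_NONE		(-1)
#define KORE_QUIT_NORMAL	0
#define KORE_QUIT_FATAL		1

/* Generic return values used by most int-returning functions below. */
#define KORE_RESULT_ERROR	0
#define KORE_RESULT_OK		1
#define KORE_RESULT_RETRY	2

/* Arguments accepted by kore_tls_version_set(). */
#define KORE_TLS_VERSION_1_3	0
#define KORE_TLS_VERSION_1_2	1
#define KORE_TLS_VERSION_BOTH	2

/* Flag for kore_base64url_encode()/_decode(); presumably unpadded output -- confirm in utils.c. */
#define KORE_BASE64_RAW		0x0001

/*
 * "Wait forever" sentinel, all bits set. Fully parenthesised: with the
 * bare cast, `sizeof KORE_WAIT_INFINITE` parsed as sizeof(u_int64_t) - 1.
 */
#define KORE_WAIT_INFINITE	((u_int64_t)-1)
/* RNG reseed interval, 1800 s; presumably in milliseconds like kore_time_ms(). */
#define KORE_RESEED_TIME	(1800 * 1000)

/* strerror() of the current errno, for log messages. */
#define errno_s			strerror(errno)
/*
 * Text for the most recent OpenSSL error. ERR_error_string() with a NULL
 * buffer hands back a static buffer, so the result must be consumed
 * immediately and is not thread-safe.
 */
#define ssl_errno_s		ERR_error_string(ERR_get_error(), NULL)
/* Maximum length of a domain name; buffers add one byte for the NUL. */
#define KORE_DOMAINNAME_LEN		255
#define KORE_PIDFILE_DEFAULT		"kore.pid"
/* PREFIX is supplied by the build system. */
#define KORE_DHPARAM_PATH		PREFIX "/share/kore/ffdhe4096.pem"
/*
 * Default cipher list. The AEAD-* names appear to be LibreSSL's spelling
 * of the TLS 1.3 suites; the rest are ECDHE/DHE AES-GCM suites, so every
 * default entry is AEAD with forward secrecy.
 */
#define KORE_DEFAULT_CIPHER_LIST	"AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256:AEAD-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256"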
    106 
/* struct netbuf.type: direction of the buffer. */
#define NETBUF_RECV			0
#define NETBUF_SEND			1
/* Upper bounds on a single send payload and on one sendfile chunk (bytes). */
#define NETBUF_SEND_PAYLOAD_MAX		8192
#define SENDFILE_PAYLOAD_MAX		(1024 * 1024 * 10)

/* Where a new netbuf is inserted relative to the send queue. */
#define NETBUF_LAST_CHAIN		0
#define NETBUF_BEFORE_CHAIN		1

/* struct netbuf.flags. */
#define NETBUF_CALL_CB_ALWAYS	0x01
#define NETBUF_FORCE_REMOVE	0x02
#define NETBUF_MUST_RESEND	0x04
#define NETBUF_IS_STREAM	0x10
#define NETBUF_IS_FILEREF	0x20

/* Flag for kore_x509_issuer_name()/kore_x509_subject_name(): return only the CN. */
#define KORE_X509_COMMON_NAME_ONLY	0x0001

/* Certificate encodings passed to kore_tls_domain_setup(). */
#define KORE_PEM_CERT_CHAIN	1
#define KORE_DER_CERT_DATA	2
    125 
/*
 * XXX hackish: the HTTP types live in http.h but are referenced by
 * pointer from structs in this header, so forward-declare them here.
 */
#if !defined(KORE_NO_HTTP)
struct http_request;
struct http_redirect;
#endif

/* struct kore_fileref.flags: the file was removed while still referenced. */
#define KORE_FILEREF_SOFT_REMOVED	0x1000
    133 
/*
 * A reference-counted open file shared by netbufs that send it
 * (NETBUF_IS_FILEREF). Metadata such as size and mtime is cached so the
 * file is not re-stat'd per send.
 */
struct kore_fileref {
	int				cnt;		/* reference count */
	int				flags;		/* KORE_FILEREF_* */
	int				ontls;		/* presumably: sent over TLS, so sendfile cannot be used -- confirm */
	off_t				size;
	char				*path;
	u_int64_t			mtime;
	time_t				mtime_sec;
	u_int64_t			expiration;	/* when the cached entry is dropped -- confirm units */
	void				*base;		/* file contents mapping; ownership/lifetime per filemap code */
	int				fd;
	TAILQ_ENTRY(kore_fileref)	list;
};
    147 
/*
 * One unit of pending network I/O on a connection. Either carries its own
 * buffer (buf/b_len/m_len) or refers to a kore_fileref (fd_off/fd_len).
 */
struct netbuf {
	u_int8_t		*buf;
	size_t			s_off;		/* bytes already sent/received */
	size_t			b_len;		/* bytes currently in buf */
	size_t			m_len;		/* allocated size of buf */
	u_int8_t		type;		/* NETBUF_RECV or NETBUF_SEND */
	u_int8_t		flags;		/* NETBUF_* flags */

	struct kore_fileref	*file_ref;
	off_t			fd_off;
	off_t			fd_len;

	struct connection	*owner;
	void			*extra;		/* caller-private data handed to cb */
	int			(*cb)(struct netbuf *);	/* completion callback, see NETBUF_CALL_CB_ALWAYS */

	TAILQ_ENTRY(netbuf)	list;
};

TAILQ_HEAD(netbuf_head, netbuf);
    168 
/* struct kore_event.type: what the event's owner object actually is. */
#define KORE_TYPE_LISTENER	1
#define KORE_TYPE_CONNECTION	2
#define KORE_TYPE_PGSQL_CONN	3
#define KORE_TYPE_TASK		4
#define KORE_TYPE_PYSOCKET	5
#define KORE_TYPE_CURL_HANDLE	6

/* struct connection.state. */
#define CONN_STATE_UNKNOWN		0
#define CONN_STATE_TLS_SHAKE		1
#define CONN_STATE_ESTABLISHED		2
#define CONN_STATE_DISCONNECTING	3

/* struct connection.proto; ACME_ALPN is deliberately far from the others. */
#define CONN_PROTO_UNKNOWN	0
#define CONN_PROTO_HTTP		1
#define CONN_PROTO_WEBSOCKET	2
#define CONN_PROTO_MSG		3
#define CONN_PROTO_ACME_ALPN	200

/* Bits delivered to kore_event.handle() / struct kore_event.flags. */
#define KORE_EVENT_READ		0x01
#define KORE_EVENT_WRITE	0x02
#define KORE_EVENT_ERROR	0x04

/* struct connection.flags (u_int16_t). */
#define CONN_IDLE_TIMER_ACT	0x0001
#define CONN_CLOSE_EMPTY	0x0002
#define CONN_WS_CLOSE_SENT	0x0004
#define CONN_IS_BUSY		0x0008
#define CONN_LOG_TLS_FAILURE	0x0020
#define CONN_TLS_ALPN_ACME_SEEN	0x0040
#define CONN_TLS_SNI_SEEN	0x0080

/* Upper bound on idle_timer.length; presumably milliseconds -- confirm. */
#define KORE_IDLE_TIMER_MAX	5000

/* WebSocket frame opcodes (RFC 6455 values). */
#define WEBSOCKET_OP_CONT	0x00
#define WEBSOCKET_OP_TEXT	0x01
#define WEBSOCKET_OP_BINARY	0x02
#define WEBSOCKET_OP_CLOSE	0x08
#define WEBSOCKET_OP_PING	0x09
#define WEBSOCKET_OP_PONG	0x0a

/* Scope argument of kore_websocket_broadcast(): this worker only, or all workers. */
#define WEBSOCKET_BROADCAST_LOCAL	1
#define WEBSOCKET_BROADCAST_GLOBAL	2

/* struct kore_timer.flags; KORE_TIMER_FLAGS is the mask of valid bits. */
#define KORE_TIMER_ONESHOT	0x01
#define KORE_TIMER_FLAGS	(KORE_TIMER_ONESHOT)

/* Argument of kore_connection_prune(). */
#define KORE_CONNECTION_PRUNE_DISCONNECT	0
#define KORE_CONNECTION_PRUNE_ALL		1
    216 
/*
 * Common event header. It is the first member of struct connection and
 * struct listener, so the platform event code can reach handle() through
 * a pointer to either; type says which object the pointer really is.
 * Packed, so no padding may be assumed between the fields.
 */
struct kore_event {
	int		type;		/* KORE_TYPE_* */
	int		flags;		/* KORE_EVENT_* */
	void		(*handle)(void *, int);
} __attribute__((packed));
    222 
/*
 * One accepted client connection. evt must stay first (see kore_event).
 * The read/write function pointers select the plain or TLS I/O path.
 */
struct connection {
	struct kore_event	evt;
	int			fd;
	u_int8_t		state;		/* CONN_STATE_* */
	u_int8_t		proto;		/* CONN_PROTO_* */
	struct listener		*owner;
	KORE_TLS		*tls;
	KORE_X509		*tls_cert;	/* peer certificate, if any */
	char			*tls_sni;	/* SNI name offered by the client, see CONN_TLS_SNI_SEEN */
	int			tls_reneg;

	u_int16_t		flags;		/* CONN_* flags */
	void			*hdlr_extra;	/* protocol-handler private data */

	int			(*handle)(struct connection *);
	void			(*disconnect)(struct connection *);
	int			(*read)(struct connection *, size_t *);
	int			(*write)(struct connection *, size_t, size_t *);

	int			family;		/* selects the addr union member */
	union {
		struct sockaddr_in	ipv4;
		struct sockaddr_in6	ipv6;
		struct sockaddr_un	sun;
	} addr;

	/* Idle timeout bookkeeping; see kore_connection_*_idletimer(). */
	struct {
		u_int64_t	length;
		u_int64_t	start;
	} idle_timer;

	struct netbuf_head	send_queue;
	struct netbuf		*snb;		/* netbuf currently being sent */
	struct netbuf		*rnb;		/* netbuf currently being received into */

#if !defined(KORE_NO_HTTP)
	u_int64_t			http_start;
	u_int64_t			http_timeout;
	struct kore_runtime_call	*ws_connect;
	struct kore_runtime_call	*ws_message;
	struct kore_runtime_call	*ws_disconnect;
	TAILQ_HEAD(, http_request)	http_requests;
#endif

	TAILQ_ENTRY(connection)	list;
};
    269 
/* Live connections, and those awaiting cleanup by kore_connection_prune(). */
TAILQ_HEAD(connection_list, connection);
extern struct connection_list	connections;
extern struct connection_list	disconnected;
    273 
/* struct kore_runtime.type. */
#define KORE_RUNTIME_NATIVE	0
#define KORE_RUNTIME_PYTHON	1

/*
 * Dispatch table for one language runtime. Each callback receives the
 * runtime-specific address stored in kore_runtime_call.addr as its first
 * argument.
 */
struct kore_runtime {
	int	type;
#if !defined(KORE_NO_HTTP)
	int	(*http_request)(void *, struct http_request *);
	void	(*http_request_free)(void *, struct http_request *);
	void	(*http_body_chunk)(void *,
		    struct http_request *, const void *, size_t);
	int	(*validator)(void *, struct http_request *, const void *);
	void	(*wsconnect)(void *, struct connection *);
	void	(*wsdisconnect)(void *, struct connection *);
	void	(*wsmessage)(void *, struct connection *,
		    u_int8_t, const void *, size_t);
#endif
	void	(*execute)(void *);
	int	(*onload)(void *, int);		/* int is KORE_MODULE_LOAD/UNLOAD */
	void	(*signal)(void *, int);
	void	(*connect)(void *, struct connection *);
	void	(*configure)(void *, int, char **);
};
    296 
/* A resolved callable: a runtime plus the address it should invoke. */
struct kore_runtime_call {
	void			*addr;
	struct kore_runtime	*runtime;
};
    301 
    302 #if !defined(KORE_NO_HTTP)
    303 
/* A declared request parameter for a route, with the validator applied to it. */
struct kore_route_params {
	char			*name;
	int			flags;		/* KORE_PARAMS_QUERY_STRING */
	u_int8_t		method;		/* HTTP method the parameter is declared for */
	struct kore_validator	*validator;

	TAILQ_ENTRY(kore_route_params)	list;
};
    312 
/*
 * One configured route within a domain. path is matched either literally
 * or via the compiled regex in rctx, depending on type (HANDLER_TYPE_*).
 */
struct kore_route {
	char					*path;
	char					*func;
	int					type;
	int					errors;
	int					methods;	/* bitmask of allowed HTTP methods -- confirm encoding */
	regex_t					rctx;
	struct kore_domain			*dom;
	struct kore_auth			*auth;		/* authentication required before the handler runs, or NULL */
	struct kore_runtime_call		*rcall;
	struct kore_runtime_call		*on_free;
	struct kore_runtime_call		*on_headers;
	struct kore_runtime_call		*on_body_chunk;

	TAILQ_HEAD(, kore_route_params)		params;
	TAILQ_ENTRY(kore_route)			list;
};
    330 
    331 #endif
    332 
/*
 * A virtual host on a server: its TLS material, logging settings and,
 * with HTTP enabled, its routes and redirects.
 */
struct kore_domain {
	u_int16_t				id;
	int					logerr;
	u_int64_t				logwarn;
	int					accesslog;	/* accesslog fd, see accesslog.c */

	char					*domain;
	struct kore_buf				*logbuf;
	struct kore_server			*server;

#if defined(KORE_USE_ACME)
	int					acme;
	int					acme_challenge;
	void					*acme_cert;
	size_t					acme_cert_len;
#endif
	/* Client certificate verification inputs: CA bundle, CRL and depth. */
	char					*cafile;
	char					*crlfile;
	/* Server certificate and its private key, loaded by the keymgr. */
	char					*certfile;
	char					*certkey;
	KORE_TLS_CTX				*tls_ctx;
	int					x509_verify_depth;
#if !defined(KORE_NO_HTTP)
	TAILQ_HEAD(, kore_route)		routes;
	TAILQ_HEAD(, http_redirect)		redirects;
#endif
	TAILQ_ENTRY(kore_domain)		list;
};
    361 
TAILQ_HEAD(kore_domain_h, kore_domain);

/* The built-in C runtime (KORE_RUNTIME_NATIVE). */
extern struct kore_runtime	kore_native_runtime;
    365 
/* A listening socket. evt must stay first (see kore_event). */
struct listener {
	struct kore_event		evt;
	int				fd;
	int				family;		/* AF_INET, AF_INET6 or AF_UNIX */
	char				*port;
	char				*host;		/* address, or socket path for AF_UNIX */
	struct kore_server		*server;
	struct kore_runtime_call	*connect;	/* per-listener connect hook, or NULL */

	LIST_ENTRY(listener)		list;
};
    377 
/* A named server: a set of listeners and the domains served on them. */
struct kore_server {
	int				tls;		/* non-zero when the listeners speak TLS */
	char				*name;
	struct kore_domain_h		domains;
	LIST_HEAD(, listener)		listeners;
	LIST_ENTRY(kore_server)		list;
};

LIST_HEAD(kore_server_list, kore_server);
    387 
    388 #if !defined(KORE_NO_HTTP)
    389 
/* struct kore_route_params.flags: parameter comes from the query string. */
#define KORE_PARAMS_QUERY_STRING	0x0001

/* struct kore_auth.type: where the credential is read from. */
#define KORE_AUTH_TYPE_COOKIE		1
#define KORE_AUTH_TYPE_HEADER		2
#define KORE_AUTH_TYPE_REQUEST		3

/*
 * An authentication block attached to routes. The value taken from the
 * cookie/header (or the whole request) is passed to validator; on failure
 * the client is sent to redirect when one is configured.
 */
struct kore_auth {
	u_int8_t		type;
	char			*name;		/* cookie or header name */
	char			*value;
	char			*redirect;
	struct kore_validator	*validator;

	TAILQ_ENTRY(kore_auth)	list;
};

/* struct kore_route.type. */
#define HANDLER_TYPE_STATIC	1
#define HANDLER_TYPE_DYNAMIC	2
    408 
    409 #endif /* !KORE_NO_HTTP */
    410 
/* Argument passed to a module's onload callback. */
#define KORE_MODULE_LOAD	1
#define KORE_MODULE_UNLOAD	2

/* struct kore_module.type. */
#define KORE_MODULE_NATIVE	0
#define KORE_MODULE_PYTHON	1

struct kore_module;

/* Per-module-type operations (dlopen-backed native modules, Python, ...). */
struct kore_module_functions {
	void			(*free)(struct kore_module *);
	void			(*reload)(struct kore_module *);
	int			(*callback)(struct kore_module *, int);
	void			(*load)(struct kore_module *);
	void			*(*getsym)(struct kore_module *, const char *);
};
    426 
/* A loaded application module and the runtime that executes it. */
struct kore_module {
	void				*handle;	/* loader handle, e.g. from dlopen -- confirm per type */
	char				*path;
	char				*onload;	/* name of the onload symbol, if configured */
	int				type;		/* KORE_MODULE_* */
	struct kore_runtime_call	*ocb;		/* resolved onload callback */

	struct kore_module_functions	*fun;
	struct kore_runtime		*runtime;

	TAILQ_ENTRY(kore_module)	list;
};
    439 
    440 /*
    441  * The workers get a 128KB log buffer per worker, and parent will fetch their
    442  * logs when it reached at least 75% of that or if its been > 1 second since
    443  * it was last synced.
    444  */
    445 #define KORE_ACCESSLOG_BUFLEN		131072U
    446 #define KORE_ACCESSLOG_SYNC		98304U
    447 
    448 struct kore_alog_header {
    449 	u_int16_t		domain;
    450 	u_int16_t		loglen;
    451 } __attribute__((packed));
    452 
/*
 * Privilege-separation settings for one process type (worker, keymgr,
 * acme -- see the *_privsep externs). Setting either skip flag disables
 * that part of the sandbox for the process.
 */
struct kore_privsep {
	char		*root;		/* chroot(2) directory */
	char		*runas;		/* user to drop privileges to */
	int		skip_runas;
	int		skip_chroot;
};
    459 
/*
 * Parent-side and worker-side state for one worker process. The pipe and
 * msg connections carry the kore_msg IPC; has_lock/time_locked relate to
 * the shared accept lock (see kore_worker_make_busy).
 */
struct kore_worker {
	u_int16_t			id;
	u_int16_t			cpu;
	int				ready;
	int				running;
#if defined(__linux__)
	int				tracing;
#endif
	pid_t				pid;
	int				pipe[2];
	struct connection		*msg[2];
	u_int8_t			has_lock;
	int				restarted;
	u_int64_t			time_locked;
	struct kore_route		*active_route;
	struct kore_privsep		*ps;

	/* Used by the workers to store accesslogs. */
	struct {
		int			lock;		/* NOTE(review): plain int, not atomic -- confirm it is only touched from one process */
		size_t			offset;		/* bytes currently used in buf */
		char			buf[KORE_ACCESSLOG_BUFLEN];
	} lb;
};
    484 
    485 #if !defined(KORE_NO_HTTP)
    486 
/* struct kore_validator.type. */
#define KORE_VALIDATOR_TYPE_REGEX	1
#define KORE_VALIDATOR_TYPE_FUNCTION	2

/*
 * Input validator applied to parameters and auth values. Either a
 * compiled POSIX regex (rctx) or a runtime callback (rcall).
 */
struct kore_validator {
	u_int8_t			type;
	char				*name;
	char				*arg;		/* the pattern or function name from the config */
	regex_t				rctx;
	struct kore_runtime_call	*rcall;

	TAILQ_ENTRY(kore_validator)	list;
};
    499 #endif /* !KORE_NO_HTTP */
    500 
/* struct kore_buf.flags: the struct itself was allocated by the buf API and is freed with it. */
#define KORE_BUF_OWNER_API	0x0001

/* Growable byte buffer; offset is the bytes in use, length the capacity -- confirm in buf.c. */
struct kore_buf {
	u_int8_t		*data;
	int			flags;
	size_t			length;
	size_t			offset;
};
    509 
/* struct kore_json_item.type; also the type filter for kore_json_find(). */
#define KORE_JSON_TYPE_OBJECT		0x0001
#define KORE_JSON_TYPE_ARRAY		0x0002
#define KORE_JSON_TYPE_STRING		0x0004
#define KORE_JSON_TYPE_NUMBER		0x0008
#define KORE_JSON_TYPE_LITERAL		0x0010
#define KORE_JSON_TYPE_INTEGER		0x0020
#define KORE_JSON_TYPE_INTEGER_U64	0x0040

/* Values of kore_json_item.data.literal. */
#define KORE_JSON_FALSE			0
#define KORE_JSON_TRUE			1
#define KORE_JSON_NULL			2

/* Maximum nesting depth accepted by the parser (KORE_JSON_ERR_DEPTH beyond it). */
#define KORE_JSON_DEPTH_MAX		10

/* Parser / lookup error codes. */
#define KORE_JSON_ERR_NONE		0
#define KORE_JSON_ERR_INVALID_OBJECT	1
#define KORE_JSON_ERR_INVALID_ARRAY	2
#define KORE_JSON_ERR_INVALID_STRING	3
#define KORE_JSON_ERR_INVALID_NUMBER	4
#define KORE_JSON_ERR_INVALID_LITERAL	5
#define KORE_JSON_ERR_DEPTH		6
#define KORE_JSON_ERR_EOF		7
#define KORE_JSON_ERR_INVALID_JSON	8
#define KORE_JSON_ERR_INVALID_SEARCH	9
#define KORE_JSON_ERR_NOT_FOUND		10
#define KORE_JSON_ERR_TYPE_MISMATCH	11
#define KORE_JSON_ERR_LAST		KORE_JSON_ERR_TYPE_MISMATCH

/* Typed wrappers around kore_json_find(): j is the document, p the path. */
#define kore_json_find_object(j, p)		\
    kore_json_find(j, p, KORE_JSON_TYPE_OBJECT)

#define kore_json_find_array(j, p)		\
    kore_json_find(j, p, KORE_JSON_TYPE_ARRAY)

#define kore_json_find_string(j, p)		\
    kore_json_find(j, p, KORE_JSON_TYPE_STRING)

#define kore_json_find_number(j, p)		\
    kore_json_find(j, p, KORE_JSON_TYPE_NUMBER)

#define kore_json_find_integer(j, p)		\
    kore_json_find(j, p, KORE_JSON_TYPE_INTEGER)

#define kore_json_find_integer_u64(j, p)	\
    kore_json_find(j, p, KORE_JSON_TYPE_INTEGER_U64)

#define kore_json_find_literal(j, p)		\
    kore_json_find(j, p, KORE_JSON_TYPE_LITERAL)
    558 
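/*
 * Typed wrappers around kore_json_create_item(): o is the parent item,
 * n the member name, v the value. The value argument is parenthesised
 * before the cast so that an expression such as `a / b` is converted as
 * a whole rather than only its first operand.
 */
#define kore_json_create_object(o, n)				\
    kore_json_create_item(o, n, KORE_JSON_TYPE_OBJECT)

#define kore_json_create_array(o, n)				\
    kore_json_create_item(o, n, KORE_JSON_TYPE_ARRAY)

#define kore_json_create_string(o, n, v)			\
    kore_json_create_item(o, n, KORE_JSON_TYPE_STRING, v)

#define kore_json_create_number(o, n, v)			\
    kore_json_create_item(o, n, KORE_JSON_TYPE_NUMBER, (double)(v))

#define kore_json_create_integer(o, n, v)			\
    kore_json_create_item(o, n, KORE_JSON_TYPE_INTEGER, (int64_t)(v))

#define kore_json_create_integer_u64(o, n, v)			\
    kore_json_create_item(o, n, KORE_JSON_TYPE_INTEGER_U64, (u_int64_t)(v))

#define kore_json_create_literal(o, n, v)			\
    kore_json_create_item(o, n, KORE_JSON_TYPE_LITERAL, v)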
    579 
/*
 * Parser state over an in-memory document. data/length is the input,
 * offset the read cursor, depth the current nesting (bounded by
 * KORE_JSON_DEPTH_MAX) and root the resulting tree.
 */
struct kore_json {
	const u_int8_t			*data;
	int				depth;
	size_t				length;
	size_t				offset;

	struct kore_buf			tmpbuf;		/* scratch space used while parsing */
	struct kore_json_item		*root;
};
    589 
/*
 * One node of a parsed JSON tree. type selects the active member of the
 * data union; objects and arrays hold their children in data.items.
 */
struct kore_json_item {
	u_int32_t			type;		/* KORE_JSON_TYPE_* */
	char				*name;		/* member name within the parent object, if any */
	struct kore_json_item		*parent;

	union {
		TAILQ_HEAD(, kore_json_item)	items;
		char				*string;
		double				number;
		int				literal;	/* KORE_JSON_FALSE/TRUE/NULL */
		int64_t				integer;
		u_int64_t			u64;
	} data;

	/* Type-specific parse routine, selected when the item is created. */
	int	(*parse)(struct kore_json *,
		    struct kore_json_item *);

	TAILQ_ENTRY(kore_json_item)	list;
};
    609 
/* One contiguous chunk of memory owned by a pool, carved into entries. */
struct kore_pool_region {
	void				*start;
	size_t				length;
	LIST_ENTRY(kore_pool_region)	list;
};

/* Bookkeeping header for one pool element. */
struct kore_pool_entry {
	u_int8_t			state;
	struct kore_pool_region		*region;
	LIST_ENTRY(kore_pool_entry)	list;
};

/*
 * Fixed-size element allocator (see pool.c). elen is the element size,
 * slen the per-entry stride, elms/inuse the counts and growth how many
 * elements a new region adds.
 */
struct kore_pool {
	size_t			elen;
	size_t			slen;
	size_t			elms;
	size_t			inuse;
	size_t			growth;
	/*
	 * NOTE(review): volatile does not make this atomic; if the lock is
	 * ever contended across threads it needs _Atomic and a CAS -- confirm
	 * how pool.c acquires it.
	 */
	volatile int		lock;
	char			*name;

	LIST_HEAD(, kore_pool_region)	regions;
	LIST_HEAD(, kore_pool_entry)	freelist;
};
    634 
/*
 * A scheduled callback. cb(arg, now) runs when nextrun is reached and is
 * rescheduled by interval unless KORE_TIMER_ONESHOT is set.
 */
struct kore_timer {
	u_int64_t	nextrun;
	u_int64_t	interval;
	int		flags;		/* KORE_TIMER_* */
	void		*arg;
	void		(*cb)(void *, u_int64_t);

	TAILQ_ENTRY(kore_timer)	list;
};
    644 
    645 /*
    646  * Keymgr process is worker index 0, but id 2000.
    647  * Acme process is worker index 1, but id 2001.
    648  */
    649 #define KORE_WORKER_KEYMGR_IDX		0
    650 #define KORE_WORKER_ACME_IDX		1
    651 #define KORE_WORKER_BASE		2
    652 #define KORE_WORKER_KEYMGR		2000
    653 #define KORE_WORKER_ACME		2001
    654 #define KORE_WORKER_MAX			UCHAR_MAX
    655 
    656 #define KORE_WORKER_POLICY_RESTART	1
    657 #define KORE_WORKER_POLICY_TERMINATE	2
    658 
    659 /* Reserved message ids, registered on workers. */
    660 #define KORE_MSG_WEBSOCKET		1
    661 #define KORE_MSG_KEYMGR_REQ		2
    662 #define KORE_MSG_KEYMGR_RESP		3
    663 #define KORE_MSG_SHUTDOWN		4
    664 #define KORE_MSG_ENTROPY_REQ		5
    665 #define KORE_MSG_ENTROPY_RESP		6
    666 #define KORE_MSG_CERTIFICATE		7
    667 #define KORE_MSG_CERTIFICATE_REQ	8
    668 #define KORE_MSG_CRL			9
    669 #define KORE_MSG_ACCEPT_AVAILABLE	10
    670 #define KORE_PYTHON_SEND_OBJ		11
    671 #define KORE_MSG_WORKER_LOG		12
    672 #define KORE_MSG_FATALX			13
    673 #define KORE_MSG_ACME_BASE		100
    674 
    675 /* messages for applications should start at 201. */
    676 #define KORE_MSG_APP_BASE		200
    677 
    678 /* Predefined message targets. */
    679 #define KORE_MSG_PARENT		1000
    680 #define KORE_MSG_WORKER_ALL	1001
    681 
/*
 * Header of every IPC message between parent and workers; length bytes
 * of payload follow it. The receiver must bound length before reading
 * the payload, since the header arrives from another process.
 */
struct kore_msg {
	u_int8_t	id;		/* KORE_MSG_* */
	u_int16_t	src;		/* sending worker id */
	u_int16_t	dst;		/* worker id, KORE_MSG_PARENT or KORE_MSG_WORKER_ALL */
	size_t		length;
};

/* Payload of KORE_MSG_KEYMGR_REQ: data[data_len] follows the fixed part. */
struct kore_keyreq {
	int		padding;	/* presumably the RSA padding mode -- confirm in keymgr.c */
	char		domain[KORE_DOMAINNAME_LEN + 1];
	size_t		data_len;
	u_int8_t	data[];
};

/* Payload of KORE_MSG_CERTIFICATE / KORE_MSG_CRL: data[data_len] follows. */
struct kore_x509_msg {
	char		domain[KORE_DOMAINNAME_LEN + 1];
	size_t		data_len;
	u_int8_t	data[];
};
    701 
/* Path of the configuration file; absent when the config is compiled in. */
#if !defined(KORE_SINGLE_BINARY)
extern char	*config_file;
#endif

extern pid_t	kore_pid;
extern int	kore_quit;		/* KORE_QUIT_* */
extern int	kore_quiet;
/* Global sandbox overrides; see also the per-process kore_privsep structs. */
extern int	skip_chroot;
extern int	skip_runas;
extern int	kore_foreground;

extern char	*kore_pidfile;

/* Last signal received; sig_atomic_t is the correct type for a handler-set flag. */
extern volatile sig_atomic_t	sig_recv;

extern char	*kore_rand_file;	/* seed file for the TLS RNG */
extern int	kore_keymgr_active;

/* Sandbox settings for each process type. */
extern struct kore_privsep	worker_privsep;
extern struct kore_privsep	keymgr_privsep;
extern struct kore_privsep	acme_privsep;

extern u_int8_t			nlisteners;
extern u_int16_t		cpu_count;
extern u_int8_t			worker_count;
extern const char		*kore_version;
extern const char		*kore_build_date;
extern int			worker_policy;		/* KORE_WORKER_POLICY_* */
extern u_int8_t			worker_set_affinity;
/* Per-worker resource limits; the connection caps bound memory use per process. */
extern u_int32_t		worker_rlimit_nofiles;
extern u_int32_t		worker_max_connections;
extern u_int32_t		worker_active_connections;
extern u_int32_t		worker_accept_threshold;
/* WebSocket limits: largest accepted frame and idle timeout. */
extern u_int64_t		kore_websocket_maxframe;
extern u_int64_t		kore_websocket_timeout;
extern u_int32_t		kore_socket_backlog;

extern struct kore_worker	*worker;		/* this process's worker, NULL in the parent */
extern struct kore_pool		nb_pool;		/* struct netbuf allocations */
extern struct kore_domain	*primary_dom;
extern struct kore_server_list	kore_servers;
    743 
/* kore.c */
void		kore_signal(int);
void		kore_shutdown(void);
void		kore_signal_trap(int);
void		kore_signal_setup(void);
void		kore_proctitle(const char *);
void		kore_default_getopt(int, char **);

void		kore_server_closeall(void);
void		kore_server_cleanup(void);
void		kore_server_free(struct kore_server *);
void		kore_server_finalize(struct kore_server *);

/* Create a new named server / look one up by name (NULL if absent -- confirm). */
struct kore_server	*kore_server_create(const char *);
struct kore_server	*kore_server_lookup(const char *);

/* Event handler for listener sockets (kore_event.handle signature). */
void		kore_listener_accept(void *, int);
struct listener	*kore_listener_lookup(const char *);
void		kore_listener_free(struct listener *);
struct listener	*kore_listener_create(struct kore_server *);
int		kore_listener_init(struct listener *, int, const char *);

int		kore_sockopt(int, int, int);
/* Bind a unix socket (path, optional connect hook) or a TCP socket (host, port, hook). */
int		kore_server_bind_unix(struct kore_server *,
		    const char *, const char *);
int		kore_server_bind(struct kore_server *,
		    const char *, const char *, const char *);
/* worker.c */
void		kore_worker_reap(void);
int		kore_worker_init(void);
/* Apply the process's kore_privsep settings (chroot, setuid); called after init. */
void		kore_worker_privsep(void);
void		kore_worker_started(void);
void		kore_worker_make_busy(void);
void		kore_worker_shutdown(void);
void		kore_worker_dispatch_signal(int);
int		kore_worker_spawn(u_int16_t, u_int16_t, u_int16_t);
/* Validate a KORE_MSG_KEYMGR_RESP and resolve the domain it belongs to. */
int		kore_worker_keymgr_response_verify(struct kore_msg *,
		    const void *, struct kore_domain **);

void	kore_worker_entry(struct kore_worker *) __attribute__((noreturn));

/* Look up a worker by index, or by worker id (e.g. KORE_WORKER_KEYMGR). */
struct kore_worker	*kore_worker_data(u_int8_t);
struct kore_worker	*kore_worker_data_byid(u_int16_t);
    787 
/* platform code (linux.c, bsd.c) */
void		kore_platform_init(void);
/* Install the platform syscall sandbox (seccomp on Linux, pledge on OpenBSD). */
void		kore_platform_sandbox(void);
void		kore_platform_event_init(void);
void		kore_platform_event_cleanup(void);
void		kore_platform_disable_read(int);
void		kore_platform_disable_write(int);
void		kore_platform_enable_accept(void);
void		kore_platform_disable_accept(void);
/* Block for up to the given time (KORE_WAIT_INFINITE for no limit -- confirm) and dispatch events. */
void		kore_platform_event_wait(u_int64_t);
void		kore_platform_event_all(int, void *);
void		kore_platform_event_level_all(int, void *);
void		kore_platform_event_level_read(int, void *);
void		kore_platform_proctitle(const char *);
void		kore_platform_schedule_read(int, void *);
void		kore_platform_schedule_write(int, void *);
void		kore_platform_event_schedule(int, int, int, void *);
void		kore_platform_worker_setcpu(struct kore_worker *);

#if defined(KORE_USE_PLATFORM_SENDFILE)
int		kore_platform_sendfile(struct connection *, struct netbuf *);
#endif

#if defined(KORE_USE_PLATFORM_PLEDGE)
void		kore_platform_pledge(void);
void		kore_platform_add_pledge(const char *);
#endif
    815 
/* tls variants. */
/* Name type passed to kore_tls_x509name_foreach() callbacks. */
#define KORE_X509_NAME_COMMON_NAME	1

void		kore_tls_init(void);
void		kore_tls_cleanup(void);
void		kore_tls_dh_check(void);
int		kore_tls_supported(void);
void		kore_tls_version_set(int);		/* KORE_TLS_VERSION_* */
void		kore_tls_keymgr_init(void);
int		kore_tls_dh_load(const char *);
/* Feed entropy to the TLS library's RNG; workers receive it from the keymgr. */
void		kore_tls_seed(const void *, size_t);
int		kore_tls_ciphersuite_set(const char *);
int		kore_tls_read(struct connection *, size_t *);
void		kore_tls_domain_cleanup(struct kore_domain *);
int		kore_tls_connection_accept(struct connection *);
void		kore_tls_connection_cleanup(struct connection *);
int		kore_tls_write(struct connection *, size_t, size_t *);
void		kore_tls_domain_crl(struct kore_domain *, const void *, size_t);
/* Install certificate data (KORE_PEM_CERT_CHAIN or KORE_DER_CERT_DATA) for a domain. */
void		kore_tls_domain_setup(struct kore_domain *,
		    int, const void *, size_t);

/* Private keys are only handled by the keymgr process. */
KORE_PRIVATE_KEY	*kore_tls_rsakey_load(const char *);
KORE_PRIVATE_KEY	*kore_tls_rsakey_generate(const char *);

/* Peer certificate access; the u_int8_t ** output is allocated for the caller -- confirm ownership. */
int		kore_tls_x509_data(struct connection *, u_int8_t **, size_t *);
KORE_X509_NAMES	*kore_tls_x509_issuer_name(struct connection *);
KORE_X509_NAMES	*kore_tls_x509_subject_name(struct connection *);
int		kore_tls_x509name_foreach(KORE_X509_NAMES *, int, void *,
		    int (*)(void *, int, int, const char *,
		    const void *, size_t, int));
/* accesslog.c */
void		kore_accesslog_init(u_int16_t);
void		kore_accesslog_worker_init(void);
/* Timer callbacks (kore_timer cb signature): flush and collect worker log buffers. */
void		kore_accesslog_run(void *, u_int64_t);
void		kore_accesslog_gather(void *, u_int64_t, int);
    851 
#if !defined(KORE_NO_HTTP)
/* auth.c */
/* Run the auth block for a request; the typed variants implement KORE_AUTH_TYPE_*. */
int		kore_auth_run(struct http_request *, struct kore_auth *);
int		kore_auth_cookie(struct http_request *, struct kore_auth *);
int		kore_auth_header(struct http_request *, struct kore_auth *);
int		kore_auth_request(struct http_request *, struct kore_auth *);
void		kore_auth_init(void);
int		kore_auth_new(const char *);
struct kore_auth	*kore_auth_lookup(const char *);
#endif
    862 
/* timer.c */
void		kore_timer_init(void);
void		kore_timer_run(u_int64_t);
/* Time of the next due timer relative to now, for the event-wait timeout. */
u_int64_t	kore_timer_next_run(u_int64_t);
void		kore_timer_remove(struct kore_timer *);
/* Schedule cb(arg, now) every interval; flags are KORE_TIMER_*. */
struct kore_timer	*kore_timer_add(void (*cb)(void *, u_int64_t),
			    u_int64_t, void *, int);
    870 
/* connection.c */
void			kore_connection_init(void);
void			kore_connection_cleanup(void);
void			kore_connection_prune(int);		/* KORE_CONNECTION_PRUNE_* */
struct connection	*kore_connection_new(void *);
/* Event handler for connection sockets (kore_event.handle signature). */
void			kore_connection_event(void *, int);
int			kore_connection_nonblock(int, int);
void			kore_connection_check_timeout(u_int64_t);
int			kore_connection_handle(struct connection *);
void			kore_connection_remove(struct connection *);
void			kore_connection_disconnect(struct connection *);
void			kore_connection_start_idletimer(struct connection *);
void			kore_connection_stop_idletimer(struct connection *);
void			kore_connection_check_idletimer(u_int64_t,
			    struct connection *);
int			kore_connection_accept(struct listener *,
			    struct connection **);
/* printf-checked, so a non-literal format from request data is caught at compile time. */
void			kore_connection_log(struct connection *,
			    const char *, ...)
			    __attribute__((format (printf, 2, 3)));
/* Textual peer address; presumably a static buffer, so copy before the next call -- confirm. */
const char		*kore_connection_ip(struct connection *);
    892 
/* log.c */
void		kore_log_init(void);
void		kore_log_file(const char *);

/* Apply one configuration directive (name, value) from the Python runtime. */
#if defined(KORE_USE_PYTHON)
int		kore_configure_setting(const char *, char *);
#endif

/* config.c */
void		kore_parse_config(void);
void		kore_parse_config_file(FILE *);
    903 
/* mem.c */
/* Allocation wrappers; see fatal(): allocation failure is presumably fatal rather than NULL -- confirm. */
void		*kore_malloc(size_t);
void		*kore_calloc(size_t, size_t);
void		*kore_realloc(void *, size_t);
void		kore_free(void *);
void		kore_mem_init(void);
void		kore_mem_cleanup(void);
void		kore_mem_untag(void *);
void		*kore_mem_lookup(u_int32_t);
/* NOTE(review): if used to scrub key material, confirm mem.c implements this so the compiler cannot elide it. */
void		kore_mem_zero(void *, size_t);
/* Tagged allocations can be found again by tag via kore_mem_lookup(). */
void		kore_mem_tag(void *, u_int32_t);
void		*kore_malloc_tagged(size_t, u_int32_t);
    916 
/* pool.c */
void		*kore_pool_get(struct kore_pool *);
void		kore_pool_put(struct kore_pool *, void *);
/* Initialise a pool: name, element size, initial element count. */
void		kore_pool_init(struct kore_pool *, const char *,
		    size_t, size_t);
void		kore_pool_cleanup(struct kore_pool *);
    923 
/* utils.c */
/* Log and terminate; fatal() reports errno, fatalx() does not -- confirm in utils.c. */
void		fatal(const char *, ...) __attribute__((noreturn))
		    __attribute__((format (printf, 1, 2)));
void		fatalx(const char *, ...) __attribute__((noreturn))
		    __attribute__((format (printf, 1, 2)));

u_int64_t	kore_time_ms(void);
char		*kore_time_to_date(time_t);
char		*kore_strdup(const char *);
time_t		kore_date_to_time(const char *);
void		kore_log(int, const char *, ...)
		    __attribute__((format (printf, 2, 3)));
/* Bounded numeric parsing: base, optional min/max, and an error flag out-parameter. */
u_int64_t	kore_strtonum64(const char *, int, int *);
/* NOTE(review): top-level const on a by-value size_t has no effect in a prototype. */
size_t		kore_strlcpy(char *, const char *, const size_t);
void		kore_server_disconnect(struct connection *);
/* Split on a delimiter into at most the given number of slots. */
int		kore_split_string(char *, const char *, char **, size_t);
void		kore_strip_chars(char *, const char, char **);
/* snprintf wrapper reporting the written length through the int * -- confirm truncation handling. */
int		kore_snprintf(char *, size_t, int *, const char *, ...)
		    __attribute__((format (printf, 4, 5)));
long long	kore_strtonum(const char *, int, long long, long long, int *);
double		kore_strtodouble(const char *, long double, long double, int *);
/* Encoders allocate the output for the caller; decoders return the byte length through size_t *. */
int		kore_base64_encode(const void *, size_t, char **);
int		kore_base64_decode(const char *, u_int8_t **, size_t *);
int		kore_base64url_encode(const void *, size_t, char **, int);
int		kore_base64url_decode(const char *, u_int8_t **, size_t *, int);
/* Peer certificate names as strings; int flags take KORE_X509_COMMON_NAME_ONLY. */
int		kore_x509_issuer_name(struct connection *, char **, int);
int		kore_x509_subject_name(struct connection *, char **, int);

void		*kore_mem_find(void *, size_t, const void *, size_t);
char		*kore_text_trim(char *, size_t);
char		*kore_read_line(FILE *, char *, size_t);
    955 
#if !defined(KORE_NO_HTTP)
/* websocket.c */
/*
 * WebSocket support (HTTP builds only).  Send/broadcast take an opcode
 * byte followed by a payload pointer and length; broadcast's trailing
 * int is presumably a scope flag -- confirm in websocket.c.
 */
void		kore_websocket_handshake(struct http_request *,
		    const char *, const char *, const char *);
int		kore_websocket_send_clean(struct netbuf *);
void		kore_websocket_send(struct connection *,
		    u_int8_t, const void *, size_t);
void		kore_websocket_broadcast(struct connection *,
		    u_int8_t, const void *, size_t, int);
#endif
    966 
/* msg.c */
/*
 * Inter-process messaging between parent and workers.  Message types are
 * identified by a u_int8_t; kore_msg_send() addresses a destination by
 * u_int16_t and carries a pointer + length payload.  Handlers are
 * registered per type and receive the message header plus payload.
 */
void		kore_msg_init(void);
void		kore_msg_worker_init(void);
void		kore_msg_parent_init(void);
void		kore_msg_unregister(u_int8_t);
void		kore_msg_parent_add(struct kore_worker *);
void		kore_msg_parent_remove(struct kore_worker *);
void		kore_msg_send(u_int16_t, u_int8_t, const void *, size_t);
int		kore_msg_register(u_int8_t,
		    void (*cb)(struct kore_msg *, const void *));
    977 
#if !defined(KORE_NO_HTTP)
/* filemap.c */
/*
 * Static file serving (HTTP builds only).  The two extern strings are
 * defined elsewhere and are mutable globals; presumably set from
 * configuration -- confirm before writing to them from handlers.
 */
void		kore_filemap_init(void);
void		kore_filemap_resolve_paths(void);
extern char	*kore_filemap_ext;
extern char	*kore_filemap_index;

/* Creates a route for a filemap; returns NULL-or-route presumably, confirm. */
struct kore_route	*kore_filemap_create(struct kore_domain *, const char *,
			    const char *, const char *);
#endif
    988 
/* fileref.c */
/*
 * Reference-counted file handles.  kore_fileref_create() takes a size
 * (off_t) and a timestamp; the paired kore_fileref_release() drops the
 * caller's reference -- every get/create should be matched by a release.
 */
void			kore_fileref_init(void);
struct kore_fileref	*kore_fileref_get(const char *, int);
struct kore_fileref	*kore_fileref_create(struct kore_server *,
			    const char *, int, off_t, struct timespec *);
void			kore_fileref_release(struct kore_fileref *);
    995 
/* domain.c */
/*
 * Domain (virtual host) objects, looked up by numeric id or by name
 * within a server.
 */
struct kore_domain	*kore_domain_new(const char *);
struct kore_domain	*kore_domain_byid(u_int16_t);
struct kore_domain	*kore_domain_lookup(struct kore_server *, const char *);

/*
 * Domain and module lifecycle.  The kore_module_* prototypes are grouped
 * under this heading; their home file is not visible from the header.
 * kore_module_getsym() resolves a symbol by name and reports the runtime
 * that provides it through the out-parameter.
 */
void		kore_domain_init(void);
void		kore_domain_cleanup(void);
void		kore_domain_free(struct kore_domain *);
void		kore_module_init(void);
void		kore_module_cleanup(void);
void		kore_module_reload(int);
void		kore_module_onload(void);
int		kore_module_loaded(void);
void		kore_domain_closelogs(void);
void		*kore_module_getsym(const char *, struct kore_runtime **);
/* TLS material: CRL loading and key-manager set-up per domain. */
void		kore_domain_load_crl(void);
void		kore_domain_keymgr_init(void);
void		kore_domain_callback(void (*cb)(struct kore_domain *));
int		kore_domain_attach(struct kore_domain *, struct kore_server *);
   1015 
#if !defined(KORE_NO_HTTP)
/* route.c */
/*
 * HTTP routing (HTTP builds only).  kore_route_lookup() returns the
 * matched route through the out-parameter and an int status; the int
 * arguments' meanings (method? flags?) are not visible here -- confirm.
 */
void		kore_route_reload(void);
void		kore_route_free(struct kore_route *);
void		kore_route_callback(struct kore_route *, const char *);

struct kore_route	*kore_route_create(struct kore_domain *,
			    const char *, int);
int			kore_route_lookup(struct http_request *,
			    struct kore_domain *, int, struct kore_route **);
#endif
   1027 
/* runtime.c */
/*
 * Runtime dispatch: a kore_runtime_call resolved by name is invoked for
 * each lifecycle event below (load, signal, configure, connect, ...).
 */
struct kore_runtime_call	*kore_runtime_getcall(const char *);
struct kore_module		*kore_module_load(const char *,
				    const char *, int);

void	kore_runtime_execute(struct kore_runtime_call *);
int	kore_runtime_onload(struct kore_runtime_call *, int);
void	kore_runtime_signal(struct kore_runtime_call *, int);
/* Receives argc/argv-style arguments. */
void	kore_runtime_configure(struct kore_runtime_call *, int, char **);
void	kore_runtime_connect(struct kore_runtime_call *, struct connection *);
#if !defined(KORE_NO_HTTP)
/*
 * HTTP-only hooks.  Body chunks and websocket messages arrive as a
 * pointer + length pair; the validator hook returns an int verdict.
 */
int	kore_runtime_http_request(struct kore_runtime_call *,
	    struct http_request *);
void	kore_runtime_http_request_free(struct kore_runtime_call *,
	    struct http_request *);
void	kore_runtime_http_body_chunk(struct kore_runtime_call *,
	    struct http_request *, const void *, size_t);
int	kore_runtime_validator(struct kore_runtime_call *,
	    struct http_request *, const void *);
void	kore_runtime_wsconnect(struct kore_runtime_call *, struct connection *);
void	kore_runtime_wsdisconnect(struct kore_runtime_call *,
	    struct connection *);
void	kore_runtime_wsmessage(struct kore_runtime_call *,
	    struct connection *, u_int8_t, const void *, size_t);
#endif
   1053 
#if !defined(KORE_NO_HTTP)
/* validator.c */
/*
 * Input validators (HTTP builds only), registered by name with a
 * u_int8_t kind and a string argument.  kore_validator_run() takes the
 * value as a non-const char * -- presumably it may be modified in place;
 * confirm before passing shared data.
 */
void		kore_validator_init(void);
void		kore_validator_reload(void);
int		kore_validator_add(const char *, u_int8_t, const char *);
int		kore_validator_run(struct http_request *, const char *, char *);
int		kore_validator_check(struct http_request *,
		    struct kore_validator *, const void *);
struct kore_validator	*kore_validator_lookup(const char *);
#endif
   1064 
/* Human-readable name for a worker id; storage lifetime not visible here. */
const char	*kore_worker_name(int);
   1066 
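/* net.c */
/*
 * Fixed-width integer (de)serialisation against a raw byte buffer.
 * There is no length parameter, so the caller must guarantee at least
 * 2/4/8 readable (or writable) bytes at the pointer before calling --
 * validate frame lengths first.  Byte order is not visible here;
 * presumably network order given the prefix -- confirm in net.c.
 * NOTE(review): the read side could take a const pointer once the
 * definition in net.c agrees; changing only the prototype would conflict.
 */
u_int16_t	net_read16(u_int8_t *);
u_int32_t	net_read32(u_int8_t *);
u_int64_t	net_read64(u_int8_t *);
void		net_write16(u_int8_t *, u_int16_t);
void		net_write32(u_int8_t *, u_int32_t);
void		net_write64(u_int8_t *, u_int64_t);

/*
 * Connection I/O.  net_read()/net_write() report the byte count through
 * the size_t out-parameter and an int status.  The receive-side helpers
 * take a size and a completion callback invoked with the netbuf; the
 * extra int on net_recv_queue() is presumably a flags word -- confirm.
 */
void		net_init(void);
void		net_cleanup(void);
struct netbuf	*net_netbuf_get(void);
int		net_send(struct connection *);
int		net_send_flush(struct connection *);
int		net_recv_flush(struct connection *);
int		net_read(struct connection *, size_t *);
int		net_write(struct connection *, size_t, size_t *);
void		net_recv_reset(struct connection *, size_t,
		    int (*cb)(struct netbuf *));
void		net_remove_netbuf(struct connection *, struct netbuf *);
void		net_recv_queue(struct connection *, size_t, int,
		    int (*cb)(struct netbuf *));
/* Parameter name dropped for consistency with every other prototype here. */
void		net_recv_expand(struct connection *, size_t,
		    int (*cb)(struct netbuf *));
/*
 * Send paths.  net_send_queue() takes a const payload (presumably copied);
 * net_send_stream() takes a non-const one and hands back a netbuf through
 * the out-parameter, so the data presumably must stay alive until the
 * callback fires -- confirm ownership in net.c.
 */
void		net_send_queue(struct connection *, const void *, size_t);
void		net_send_stream(struct connection *, void *,
		    size_t, int (*cb)(struct netbuf *), struct netbuf **);
void		net_send_fileref(struct connection *, struct kore_fileref *);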
   1094 
/* buf.c */
/*
 * Growable byte buffer.  Two set-up styles exist: kore_buf_alloc()
 * allocates the struct itself (pair with kore_buf_free()), while
 * kore_buf_init() initialises a caller-owned struct (pair with
 * kore_buf_cleanup()).  kore_buf_release() returns the backing bytes
 * and their length -- presumably transferring ownership to the caller;
 * confirm who frees them.
 */
void		kore_buf_free(struct kore_buf *);
struct kore_buf	*kore_buf_alloc(size_t);
void		kore_buf_init(struct kore_buf *, size_t);
void		kore_buf_append(struct kore_buf *, const void *, size_t);
u_int8_t	*kore_buf_release(struct kore_buf *, size_t *);
void		kore_buf_reset(struct kore_buf *);
void		kore_buf_cleanup(struct kore_buf *);

/* Returns the contents as a C string, length through the out-parameter. */
char	*kore_buf_stringify(struct kore_buf *, size_t *);
/* Formatted appends, compiler-checked (format is argument 2). */
void	kore_buf_appendf(struct kore_buf *, const char *, ...)
		    __attribute__((format (printf, 2, 3)));
void	kore_buf_appendv(struct kore_buf *, const char *, va_list)
		    __attribute__((format (printf, 2, 0)));
/* Replace occurrences of a string with a pointer + length blob. */
void	kore_buf_replace_string(struct kore_buf *,
	    const char *, const void *, size_t);
   1111 
/* json.c */
/*
 * JSON parsing and building.  kore_json_init() takes a pointer + length,
 * so input need not be NUL-terminated; whether the bytes are copied or
 * referenced is not visible here -- keep them alive until
 * kore_json_cleanup() unless json.c says otherwise.  Errors are reported
 * through kore_json_errno()/kore_json_strerror().
 */
int	kore_json_errno(void);
int	kore_json_parse(struct kore_json *);
void	kore_json_cleanup(struct kore_json *);
void	kore_json_item_free(struct kore_json_item *);
void	kore_json_init(struct kore_json *, const void *, size_t);
void	kore_json_item_tobuf(struct kore_json_item *, struct kore_buf *);
void	kore_json_item_attach(struct kore_json_item *, struct kore_json_item *);

const char		*kore_json_strerror(void);
/* Lookup by name filtered by a u_int32_t item type; create is variadic on type. */
struct kore_json_item	*kore_json_find(struct kore_json_item *,
			    const char *, u_int32_t);
struct kore_json_item	*kore_json_create_item(struct kore_json_item *,
			    const char *, u_int32_t, ...);
   1126 
/* keymgr.c */
/* Key manager process entry and teardown; the int's meaning is not visible here. */
void	kore_keymgr_run(void);
void	kore_keymgr_cleanup(int);
   1130 
   1131 #if defined(__cplusplus)
   1132 }
   1133 #endif
   1134 
   1135 #endif /* !__H_KORE_H */